Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/4vY-bTyKzTJbIG8K1hcmZ2OzV3Y.roa
File: 4vY-bTyKzTJbIG8K1hcmZ2OzV3Y.roa (raw, json)
Hash identifier: 94nlldFhiqgmPqtety18s97ySLGHCvNHQ/0uGpBprik=
Subject key identifier: E2:F6:3E:6D:3C:8A:CD:32:5B:20:6F:0A:D6:17:26:67:63:B3:57:76
Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Certificate serial: 01947B2408BFB1E15C7464B6067FD9E68B67
Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/4vY-bTyKzTJbIG8K1hcmZ2OzV3Y.roa
Signing time: Sat 18 Jan 2025 20:39:06 +0000
ROA not before: Sat 18 Jan 2025 20:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209181
IP address blocks: 45.152.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7b:24:08:bf:b1:e1:5c:74:64:b6:06:7f:d9:e6:8b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Validity
Not Before: Jan 18 20:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2f63e6d3c8acd325b206f0ad617266763b35776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1a:d0:be:a1:83:1b:45:a6:2d:27:4c:ef:64:
33:6d:5c:7d:e3:04:57:14:9d:b5:15:5c:4c:8d:66:
c4:09:9e:00:9b:6c:d1:7b:5a:9c:4f:61:5c:25:79:
9c:0e:d6:43:ed:95:34:ff:95:64:21:93:fe:7d:25:
df:5d:8b:46:2e:48:07:d8:41:5e:a9:4e:d7:43:e0:
06:0d:b9:c4:67:c0:98:c8:ad:7b:8d:f0:c5:ef:f2:
8a:c6:52:60:6e:00:ea:e4:d1:23:d3:81:51:39:37:
dd:1b:1d:8c:99:db:ab:61:93:bd:08:0e:d8:f1:6c:
5e:9c:2f:a5:fc:75:34:0d:a9:75:82:10:21:fd:53:
af:28:d3:b3:1a:c4:aa:29:6b:d6:26:43:86:b1:01:
c8:2a:c0:79:cb:91:ae:6a:bc:32:d9:98:59:cb:e9:
5d:38:a9:86:9b:b5:21:78:85:3a:32:cc:a8:fe:79:
c9:74:d9:71:9f:b1:a1:68:0d:9a:d6:20:0d:39:8b:
47:94:97:6e:13:34:17:12:df:a8:d8:4b:29:ee:7f:
f5:bb:3d:ec:35:6b:b3:ef:11:d4:4f:2c:4b:91:f9:
9c:c6:bf:f1:9e:e6:92:cf:c8:db:f4:9c:0d:27:52:
62:6d:4a:bd:a3:b0:78:8b:e1:35:18:b9:9b:e3:94:
1b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F6:3E:6D:3C:8A:CD:32:5B:20:6F:0A:D6:17:26:67:63:B3:57:76
X509v3 Authority Key Identifier:
keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/4vY-bTyKzTJbIG8K1hcmZ2OzV3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.22.0/24
Signature Algorithm: sha256WithRSAEncryption
64:38:ad:97:10:c0:f6:e2:8e:d3:8e:3a:55:a4:d5:74:a7:f1:
7c:ad:0f:fc:3e:2a:84:8a:3f:2e:d4:05:e5:fd:1e:1f:be:11:
c5:4b:94:58:8d:7a:92:80:81:41:78:e9:31:29:cc:fc:ea:d8:
8a:24:0c:de:3e:25:05:ac:6c:d6:94:a7:f4:3a:6d:4c:d7:6a:
8c:43:e1:7f:c9:07:31:53:bb:c2:ad:45:d0:4c:da:1d:6c:91:
05:fa:66:72:48:7d:a8:5d:aa:42:89:47:dc:5d:29:24:b0:72:
fb:87:ce:c0:6a:1f:2b:2d:b9:8e:74:fc:fb:5a:c8:06:25:4c:
73:bc:c5:0d:4a:1a:b5:d8:ce:a5:26:11:01:0f:f4:f3:6c:90:
e0:55:38:01:2a:32:50:59:ef:8a:d5:d5:77:16:73:31:4a:93:
80:28:f8:f0:e0:bc:c5:7d:be:70:79:ed:47:a7:6f:c6:0f:b7:
7f:1f:d0:66:82:ed:89:00:9f:21:64:b8:4a:21:c2:72:18:b6:
a7:b5:f5:31:6c:f9:77:3b:ff:73:65:40:b8:90:c5:c4:27:94:
e9:47:85:ca:f3:38:2b:2a:2f:3c:0a:14:f5:5b:f4:1e:43:74:
46:8e:05:21:7f:db:1c:cb:ef:a3:98:c9:68:a5:24:c2:9a:91:
b0:70:b3:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR7JAi/seFcdGS2Bn/Z5otnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwM2IyYzM4NzEwNjkwMDJhZDBiMmY0MmIwY2JmNWU5MmUz
YmU0YjMwHhcNMjUwMTE4MjAzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmY2M2U2ZDNjOGFjZDMyNWIyMDZmMGFkNjE3MjY2NzYzYjM1Nzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BrQvqGDG0WmLSdM72QzbVx94wRX
FJ21FVxMjWbECZ4Am2zRe1qcT2FcJXmcDtZD7ZU0/5VkIZP+fSXfXYtGLkgH2EFe
qU7XQ+AGDbnEZ8CYyK17jfDF7/KKxlJgbgDq5NEj04FROTfdGx2MmdurYZO9CA7Y
8WxenC+l/HU0Dal1ghAh/VOvKNOzGsSqKWvWJkOGsQHIKsB5y5Guarwy2ZhZy+ld
OKmGm7UheIU6Msyo/nnJdNlxn7GhaA2a1iANOYtHlJduEzQXEt+o2Esp7n/1uz3s
NWuz7xHUTyxLkfmcxr/xnuaSz8jb9JwNJ1JibUq9o7B4i+E1GLmb45QbzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOL2Pm08is0yWyBvCtYXJmdjs1d2MB8GA1UdIwQY
MBaAFAA7LDhxBpACrQsvQrDL9ekuO+SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGIt
YjM1YTBhMTQ1M2ZiLzEvNHZZLWJUeUt6VEpiSUc4SzFoY21aMk96VjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGItYjM1YTBhMTQ1M2Zi
LzEvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZgWMA0G
CSqGSIb3DQEBCwUAA4IBAQBkOK2XEMD24o7TjjpVpNV0p/F8rQ/8PiqEij8u1AXl
/R4fvhHFS5RYjXqSgIFBeOkxKcz86tiKJAzePiUFrGzWlKf0Om1M12qMQ+F/yQcx
U7vCrUXQTNodbJEF+mZySH2oXapCiUfcXSkksHL7h87Aah8rLbmOdPz7WsgGJUxz
vMUNShq12M6lJhEBD/TzbJDgVTgBKjJQWe+K1dV3FnMxSpOAKPjw4LzFfb5wee1H
p2/GD7d/H9Bmgu2JAJ8hZLhKIcJyGLantfUxbPl3O/9zZUC4kMXEJ5TpR4XK8zgr
Ki88ChT1W/QeQ3RGjgUhf9scy++jmMlopSTCmpGwcLNI
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:49:55 2025 by rpki-client